276 matches found
EUVD-2025-199299
Malicious code in @posthog/rrweb-replay npm...
Malicious code in @posthog/rrweb-replay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 084c272e547764a91347a8436855b707a75409f57fde2692078e9edf5d9b703b The package @posthog/rrweb-replay was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191299 Malicious code in @posthog/rrweb-replay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 084c272e547764a91347a8436855b707a75409f57fde2692078e9edf5d9b703b The package @posthog/rrweb-replay was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199096
Malicious code in @posthog/plugin-server npm...
Malicious code in @posthog/plugin-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbacde545c940abfe63a0667580ea37cfc021d6b3e25094b71e23273cd899e1b The package @posthog/plugin-server was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190947 Malicious code in @posthog/plugin-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbacde545c940abfe63a0667580ea37cfc021d6b3e25094b71e23273cd899e1b The package @posthog/plugin-server was found to contain malicious code. Source: ghsa-malware...
Malicious code in @posthog/drop-events-on-property-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1dee879dbf8f8819008c31e641e4fec6584690087c6929cba530e9171464cb4 The package @posthog/drop-events-on-property-plugin was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199097
Malicious code in @posthog/drop-events-on-property-plugin npm...
EUVD-2025-199098
Malicious code in @posthog/clickhouse npm...
Malicious code in @posthog/clickhouse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab67710c7cf24d338618be2ab087d4c3b27117879492e29334b31cd0328e171a The package @posthog/clickhouse was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190945 Malicious code in @posthog/clickhouse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab67710c7cf24d338618be2ab087d4c3b27117879492e29334b31cd0328e171a The package @posthog/clickhouse was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in @posthog/nextjs-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 413c527b7ca5fcc3cc28ad0195f527e99f9d0f1061994161eafba170450175b7 The package @posthog/nextjs-config was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198941
Malicious code in @posthog/kinesis-plugin npm...
EUVD-2025-198930
Malicious code in @posthog/twilio-plugin npm...
EUVD-2025-198932
Malicious code in @posthog/snowflake-export-plugin npm...
EUVD-2025-198950
Malicious code in @posthog/customerio-plugin npm...
MAL-2025-190881 Malicious code in @posthog/gitub-star-sync-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4be422ec924addbeb23c34a8b3305835feb3d665ab57afdc1450734d0b10f5a4 The package @posthog/gitub-star-sync-plugin was found to contain malicious code. Source: google-open-source-security...
Malicious code in posthog-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 317ab9fe546aa6930bf7fb3ee7c35c737d56963b41a4f3d4363abdb0ebfbfa49 The package posthog-docusaurus was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190925 Malicious code in posthog-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2ec4a50c0b553e9abbcc25147ad50014cf1488415e1ec8e3234f3e9bb3cc24e The package posthog-node was found to contain malicious code. Source: google-open-source-security...